Several ongoing imaging-related projects appear in the HHS Office of Inspector General's (OIG) Fiscal Year 2016 Work Plan. Why does that matter to radiologists and radiation oncologists? The OIG operates under Congress’ mandate to review health care-related programs and operations. The Work Plan represents the OIG's annual "playbook" of upcoming investigations, audits, and reports. Its Work Plan lists health care arrangements OIG believes cost too many dollars or could violate federal fraud and abuse laws. Members who render patient care in the areas listed in the Work Plan should not expect an immediate knock on their office door or inbox from the OIG. However, it could happen. You can access the OIG's 2016 Work Plan.

Significantly, OIG continues to list its audit of Medicare Part B payments for imaging services’ practice expenses. This audit first appeared in 2013 and its report again is scheduled to emerge by the fiscal year’s end in September. OIG stated that it will assess whether the payments “reflect the expenses incurred and whether the utilization rates reflect industry practices.” ACR believes that OIG either is gathering additional data or is analyzing all data obtained and deciding whether or when to issue a report. We will continue to monitor the audit very closely.

Notably, OIG has not included its audit of the medical necessity of high-cost diagnostic radiology costs. OIG initially listed this project several years ago, but may have shelved it to address other enforcement areas of concern. Regardless, radiologists and their staffs should properly document the medical necessity of their services.

OIG will launch an audit of hospital security controls of networked medical devices. When it announced the audit in 2014, OIG identified radiology systems as one area in which patient privacy and security might be at risk. This project represents part of an OIG initiative to address hacker groups that have infiltrated government systems and either released sensitive data or leveraged it to perpetrate fraud. Thus, OIG plans to conduct network penetration testing to gauge whether HHS network security needs an upgrade. The audit report may issue by September 2016.

Radiation oncologists should note that OIG still audits Intensity Modulated Radiation Therapy (IMRT). OIG will review whether Medicare outpatient payments for IMRT comply with federal regulations. OIG stated that it determined in prior reviews that some hospitals have inaccurately billed for IMRT. It believes that other services should not be billed when performed as part of developing an IMRT plan. This audit should emerge some time in FY 2016. OIG may focus on claims that were submitted several years ago and compare those with more recent claims, which had to account for IMRT coding revisions.

Finally, OIG may audit radiology and radiation oncology practices that receive federal EHR incentive payments to assess how well they protect electronic health information. OIG will determine whether such practices safeguard, through a security risk assessment, patient health information that certified EHR technology established or maintained. This audit report may issue by September 2016.